rpm: races with chown/chmod/capabilities calls during installation

A symbolic link issue was found in rpm. It occurs when rpm sets the desired permissions and credentials after installing a file. A local unprivileged user could use this flaw to exchange the original file with a symbolic link to a security-critical file and escalate their privileges on the system...

The vulnerability of the Nessus Network Monitor security control tool, related to errors in privilege management, allows a perpetrator to elevate their privileges to the level of NT AUTHORITY\SYSTEM.

The vulnerability of the Nessus Network Monitor security control tool is related to errors in privilege management. Exploiting this vulnerability allows a malicious actor to elevate their privileges to the NT AUTHORITY\SYSTEM level by replacing the file…...

CVE-2023-5622

Under certain conditions, Nessus Network Monitor could allow a low privileged user to escalate privileges to NT AUTHORITY\SYSTEM on Windows hosts by replacing a specially crafted file...

PT-2023-9690 · Mediacms · Mediacms

Name of the Vulnerable Software and Affected Versions: MediaCMS affected versions not specified Description: The issue is related to improper authorization in the MediaCMS content management system. It allows a remote attacker to delete directories in the file system and replace user file content...

The vulnerability of the TightVNC remote desktop access system, related to errors in privilege management, allows a intruder to escalate their privileges.

The vulnerability of the TightVNC remote desktop access system is related to errors in privilege management. Exploiting this vulnerability allows a malicious actor to increase their privileges by replacing files…...

CVE-2023-43496

Jenkins 2.423 and earlier, LTS 2.414.1 and earlier creates a temporary file in the system temporary directory with the default permissions for newly created files when installing a plugin from a URL, potentially allowing attackers with access to the system temporary directory to replace the file...

Jenkins Security Vulnerabilities

Jenkins is a Jenkins open source application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying and automating any project. A security vulnerability exists in Jenkins, which stems from the fact that installing a plugin from a URL creates a...

CVE-2023-40985

An issue was discovered in Webmin 2.100. The File Manager functionality allows an attacker to exploit a Cross-Site Scripting XSS vulnerability. By providing a malicious payload, an attacker can inject arbitrary code, which is then executed within the context of the victim's browser when any file ...

RubyGems 输入验证错误漏洞

RubyGems is a Ruby package manager from the RubyGems organization. The product is primarily used to distribute and manage Ruby packages. RubyGems suffers from an input validation error vulnerability that stems from insufficient input validation and allows malicious actors to replace files...

CVE-2023-37200

A CWE-611: Improper Restriction of XML External Entity Reference vulnerability exists that could cause loss of confidentiality when replacing a project file on the local filesystem and after manual restart of the server...

CVE-2023-37200

A CWE-611: Improper Restriction of XML External Entity Reference vulnerability exists that could cause loss of confidentiality when replacing a project file on the local filesystem and after manual restart of the server...

CVE-2023-29147

In Malwarebytes EDR 1.0.11 for Linux, it is possible to bypass the detection layers that depend on inode identifiers, because an identifier may be reused when a file is replaced, and because two files on different filesystems can have the same identifier...

CVE-2023-29147

In Malwarebytes EDR 1.0.11 for Linux, it is possible to bypass the detection layers that depend on inode identifiers, because an identifier may be reused when a file is replaced, and because two files on different filesystems can have the same identifier...

The vulnerabilities in the configuration of FortiClient installer distributions and the FortiConverter migration service allow a hacker to replace files in the software installation directory.

The vulnerability of the Fortinet FortiClient installer and the FortiConverter configuration and policy transfer tool is related to errors in the use of standard permissions. Exploiting this vulnerability could allow an attacker to replace files in the software installation directory...

CVE-2023-2819

A stored cross-site scripting vulnerability in the Sources UI in Proofpoint Threat Response/ Threat Response Auto Pull PTR/TRAP could allow an authenticated administrator on an adjacent network to replace the image file with an arbitrary MIME type. This could result in arbitrary javascript code...

CVE-2023-28600

Zoom for MacOSclients prior to 5.14.0 contain an improper access control vulnerability. A malicious user may be able to delete/replace Zoom Client files potentially causing a loss of integrity and availability to the Zoom Client...

Zoom Client 安全漏洞

Zoom Client is a video conferencing client application from Zoom USA that supports multiple platforms. A security vulnerability exists in Zoom for MacOS clients versions prior to 5.14.0 that stems from improper access control. An attacker exploiting this vulnerability could delete or replace Zoom...

CVE-2023-31748

Insecure permissions in MobileTrans v4.0.11 allows attackers to escalate privileges to local admin via replacing the executable file...

Design/Logic Flaw

Insecure permissions in MobileTrans v4.0.11 allows attackers to escalate privileges to local admin via replacing the executable file...

CVE-2023-31748

Insecure permissions in MobileTrans v4.0.11 allows attackers to escalate privileges to local admin via replacing the executable file...